CISA releases six advisories on industrial control systems vulnerabilities

Six new advisories concerning vulnerabilities in Industrial Control Systems (ICS) have been issued, highlighting affected products from manufacturers including Schneider Electric, Shelly, and METZ CONNECT. The vulnerabilities pertain to modifications in Supervisory Control and Data Acquisition (SCADA) systems, power management software, and metering devices, with impacts ranging from unauthorized access to potential operational disruptions.

The advisories encompass a set of specific vulnerabilities identified by CISA. These include issues in Schneider Electric EcoStruxure Machine SCADA Expert and Pro-face BLUE Open Studio, designated as ICSA-25-322-01. Shelly products addressed include the Pro 4PM (ICSA-25-322-02) and Pro 3EM (ICSA-25-322-03). Additional advisories cover Schneider Electric PowerChute Serial Shutdown (ICSA-25-322-04), METZ CONNECT EWIO2 (ICSA-25-322-05), and an update labeled Schneider Electric EcoStruxure (Update B) with the identifier ICSA-25-224-03. Each advisory details specific software or firmware versions and the components impacted, along with potential exploit conditions when applicable.

The vulnerabilities documented present risks such as unauthorized control, data manipulation, and interference with normal device operations within affected systems. These conditions may result in disruption of service or compromise of system integrity as outlined in the published advisories.

Mitigation steps and, where applicable, firmware or software updates have been provided for some vulnerabilities, according to the advisories. Users and administrators are advised to apply prescribed patches and follow recommended configurations to address the identified issues. For certain advisories, updates are made available to remediate the vulnerabilities, while others may still be under investigation or lack immediate fixes.

Operators and security personnel are encouraged to examine the detailed advisories issued by CISA to understand the technical specifics and remediation options pertaining to each vulnerability. Staying informed through the provided resources allows for appropriate measures to maintain system security and performance.